:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/63706866/david_gurle_ceo_symphony.0.1537433218.0.jpg)
The Bloomberg terminal makes up a significant part of the world’s financial nervous system. The machine is parked on the desks of over 325,000 financial pros who pay $24,000 a year to use it. And while it’s packed with data and news, its most popular feature by far is its instant messaging function, which traders from thousands of different banks and financial firms use to whip up deals, trade gossip and execute billions of dollars in trades every day.
It’s essentially Facebook for Wall Street, but with real money.
In 2013, however, it emerged that some Bloomberg News reporters had accessed data showing what clients were doing on the terminal, resulting in complaints from financial institutions obsessed with protecting their secrecy. It was a genuine concern, of course, but the incident also served as an excuse to try to wean themselves off the terminal. Clients, some of whom lease thousands of machines, had grumbled for years over its high cost.
Enter Perzo, a secure messaging system designed by French software engineer David Gurlé and a small team of developers. It’s meant to deliver many of the terminal’s messaging capabilities, with an emphasis on privacy and adherence to the needs of regulatory compliance but without the high cost.
Goldman, which had been the first and loudest to complain to Bloomberg, liked what it saw and acquired Perzo through a holding company for somewhere between $40 million and $50 million. It soon invited other banks and financial institutions to join it in a consortium: Bank of America, Merrill Lynch, Credit Suisse, J.P. Morgan and Citi were among the 15 institutions that ultimately signed on. The revolt against Bloomberg was on. Its name: Symphony Communication Services.
Gurlé was an early pioneer in designing voice-over-IP systems; while at Microsoft in 1999, he launched the messaging and video-audio conference product that came to be known as Lync. He then spent seven years at Bloomberg rival Thomson Reuters running its messaging unit. He later joined Skype to start its first business product but left soon after it was acquired by Microsoft.
Symphony has been humming along in beta since April with some 30,000 people using the service. A preview was released this week and a general release is scheduled for September. And Gurlé has ambitions for it beyond the financial sector. He wants to sell Symphony to law firms, accounting offices, health care companies and companies in any other industry where exchanging sensitive information is necessary. Wall Street, he says, is just a “beachhead.”
Re/code: How did Symphony come out of your previous company, Perzo?
David Gurlé: I had been at Avaya where I had been running corporate strategy, and I decided that I wanted to launch a company of my own. I launched Perzo in 2012 with the idea that we would have communications with total privacy. We decided that we would never make money from our users’ data, so we built a system with strong encryption at its core and we built it in way that we would never have access to the keys used to encrypt the data.
We released the software in 2013 and within a few weeks we received at least four acquisition offers. And about that time, I reconnected with Tom Jessup of Goldman Sachs. That led to Symphony. … Goldman proposed that we could accomplish our dream as a company and at the same time help them solve the problems that they face in financial services, like keeping information exchanged private.
Obviously there were concerns a few years ago about the privacy of messaging on the Bloomberg terminal. Is that a real concern, or is it just part of the narrative around Symphony?
It’s real, but it’s not the only motivator. The bigger reason has to do with the question of who owns the data you exchange on the service. Is it the company that owns the service, or is it you? It was very important to Goldman, and then to many other companies that invested that privacy, [for that to] be the number one objective that we want to achieve — not only to protect the information on the system itself but also to secure it from bad guys who may be trying to access it.
The second priority is simplification, which matters a lot to the guys in the back office running 20 different messaging systems and trying to make sure they all comply with the many regulatory requirements. You may remember a few years ago there were billions of dollars in fines that companies ended up paying for failing to properly monitor their internal and external communications.
How can you have both? Regulatory compliance implies that you have to give up some privacy. If I work for Goldman Sachs, J.P. Morgan may not see what I’m working on, but my boss may see what I’m working on, and therefore it’s not entirely private.
It’s not a trade-off so much as it’s a requirement. Those companies have legal mandates that say they have to record their electronic communications, and that they keep those recordings for a number of years depending on the country they’re in. … It creates a huge pressure on the compliance officers to properly retain the data and properly get access to it and get it to the right people when there’s an inquiry, which happens often. Our system handles both aspects, by separating the encryption software from the keys used to encrypt the data. There’s a key management system that’s held by the financial institution, and we don’t have access to the keys or the box used to create the keys.
And there wasn’t an existing system for, say, encrypting email or instant-messaging traffic that was suitable already?
They had been looking at a number of solutions from vendors like Microsoft and service providers like Bloomberg or Markit or Thomson Reuters, and found they weren’t happy with them. They were looking for an entity that would be neutral in its approach to the information carried across its network.
Why is it helpful to have so many banks investing?
On one hand it’s Metcalf’s Law: The value of a network is proportional to the number of people using it. They’re investors, but also users of the product. Our objective, basically, is to make sure that we deliver the product they want. For any startup, it’s kind of an incredible privilege because when you’re a new company, people always ask you how you’re going to go to market. For us, it’s a very easy answer. Our beachhead is financial services. We know who our customers are, and they sit right across the table from us.
You also plan to offer the product to the general public, where the market for communications tools is really crowded. How do you go from one to the other?
There’s basically two types of communications tools. There’s the asynchronous ones like email and file-sharing, and the synchronous ones like chat rooms, Hipchat, Slack, etc., and then unified communications like Lync, and then the meeting services like WebEx and GoToMeeting. … Email is universal, but it’s not good for collaboration, it’s slow, and it’s not very trustworthy.
Collaboration and instant messaging tools like Slack and iMessage and others have good collaboration capabilities, they’re interactive, but [they’re] not very useful because there’s only a limited number of people using them. … It’s a very fragmented set of experiences, and what we’re trying to build with Symphony is a combination of real-time and non-real-time communications. … If we do it right, we can offer a communication tool that’s as universal as email, as interactive as group chat, and which can integrate experiences like click-to-call, click-to-video and click-to-share.
So how do you take it beyond the financial services sector?
Ask yourself if there’s a single business-to-business communications tool that’s really secure. There isn’t one. It’s our unique selling point. We’re going to be the first one. That’s a really compelling idea to people in a lot of industries where exchanging information is critical to doing business. I once sat in on a webinar demonstrating how one company uses Slack. And I asked if anyone ever put anything sensitive on it. The answer was, “No, we never do that.” They use it internally to get their jobs done, but they really don’t trust it. I found that interesting, and it leads me to believe that we’re on to something here that many industries — legal, accounting, health care — will find interesting too.
Correction: The correct name of the company is Symphony Communication Services, not Symphony Technology as we initially said. Sorry about that.
This article originally appeared on Recode.net.
